CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

377 matches found

Vulnrichment•added 2026/04/09 9:24 p.m.•0 views

CVE-2026-33793 Junos OS and Junos OS Evolved: When an unsigned Python op script configuration is present, a local low privileged user can compromise the system

An Execution with Unnecessary Privileges vulnerability in the User Interface UI of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python op scripts is present o...

8.5CVSS5.9AI score0.00008EPSS

Exploits0References1

Ubuntu•added 2026/03/25 7:11 p.m.•1 views

USN-8125-1: Linux kernel (Azure) vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.2AI score0.03752EPSS

Exploits8References1

CVE•added 2026/02/10 4:25 p.m.•6 views

CVE-2025-32007

The CVE describes an out-of-bounds read in some Intel TDX prior to tdx module 1.5.24, within the Ring 0 Hypervisor. It may allow an information disclosure. An authorized adversary with privileged user access, using a low-complexity local attack with no user interaction, could exploit this to expo...

5.6CVSS5.3AI score0.00017EPSS

Exploits0References1

Tenable Nessus•added 2026/01/15 12:0 a.m.•1 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002251 advisory. The onlinepages function in mm/memoryhotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service NULL pointer dereference and system cra...

4CVSS6.7AI score0.00058EPSS

Exploits1References18

RedhatCVE•added 2026/01/09 11:26 a.m.•5 views

CVE-2021-33179

The general user interface in Nagios XI versions prior to 5.8.4 is vulnerable to authenticated reflected cross-site scripting. An authenticated victim, who accesses a specially crafted malicious URL, would unknowingly execute the attached payload...

6.1CVSS6.4AI score0.64832EPSS

Exploits0References1

Tenable Nessus•added 2025/12/03 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2025-49643

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated Zabbix user including Guest is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.ph...

6.5CVSS6.6AI score0.00102EPSS

Exploits0References3

OSV•added 2025/10/21 7:21 p.m.•0 views

CVE-2025-56799

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled cache-clearing mechanism via a crafted folder name. NOTE: this is disputed by the Supplier because a crafted folder name would arise only if the local user were attacking himself...

6.5CVSS5.8AI score0.01894EPSS

Exploits2References2